stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
main
git.stella-ops.org/ops/devops/console
History
StellaOps Bot e2e404e705
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
console-runner-image / build-runner-image (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Details
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Details
up
2025-12-14 16:24:16 +02:00
..
build-console-image.sh
up
2025-12-14 16:24:16 +02:00
build-runner-image-ci.sh
ops/devops: fix console runner build paths and log built image
2025-12-07 15:23:08 +02:00
build-runner-image.sh
ops/devops: fix console runner build paths and log built image
2025-12-07 15:23:08 +02:00
Dockerfile.runner
ops/devops: fix console runner build paths and log built image
2025-12-07 15:23:08 +02:00
package-offline-bundle.sh
up
2025-12-14 16:24:16 +02:00
README.md
ops/devops: add console runner image CI build
2025-12-07 15:12:34 +02:00
seed_playwright.sh
feat: Implement Wine CSP HTTP provider for GOST cryptographic operations
2025-12-07 14:02:42 +02:00

README.md

Console CI runner (offline-friendly)

Status: runner spec + CI now wired to PRs; runner image scaffold + CI build workflow now available with baked npm + Playwright cache.

Runner profile

  • OS: Ubuntu 22.04 LTS (x86_64) with Docker available for Playwright deps if needed.
  • Node: 20.x (LTS). Enable corepack; prefer npm (default) to avoid extra downloads.
  • Caches:
    • npm: ~/.npm keyed by src/Web/package-lock.json hash.
    • Playwright: ~/.cache/ms-playwright pre-seeded with Chromium so npm test -- --browsers=ChromeHeadless can run offline. Seed once using npx playwright install chromium on a connected runner, then snapshot the directory into the runner image.
    • Angular build cache: optional ~/.cache/angular if using angular.json cache; safe to keep.
  • Artifacts retention: keep lint/test/build outputs 14 days; limit to 500 MB per run (coverage + dist + test reports). Artifacts path: artifacts/ (dist, coverage, junit/trx if produced).

Pipeline steps (expected)

  1. Checkout
  2. Node 20 setup with npm cache restore (package-lock at src/Web/package-lock.json).
  3. Install: npm ci --prefer-offline --no-audit --progress=false in src/Web.
  4. Lint: npm run lint -- --no-progress.
  5. Unit: npm test -- --watch=false --browsers=ChromeHeadless --no-progress (headless Chromium from pre-seeded cache).
  6. Build: npm run build -- --configuration=production --progress=false.
  7. Artifact collect: dist/, coverage/, any test-results/**.

Offline/airgap notes

  • Do not hit external registries during CI; rely on pre-seeded npm mirror or cached tarballs. Runner image should contain npm cache prime. If mirror is used, set NPM_CONFIG_REGISTRY=https://registry.npmjs.org equivalent mirror URL inside the runner; default pipeline does not hard-code it.
  • Playwright browsers must be pre-baked; the workflow will not download them.

Runner image (with baked caches)

  • Dockerfile: ops/devops/console/Dockerfile.runner (Node 20, npm cache, Playwright Chromium cache). Builds with npm ci + playwright install chromium --with-deps during the image build.
  • Build locally: IMAGE_TAG=stellaops/console-runner:offline OUTPUT_TAR=ops/devops/artifacts/console-runner/console-runner.tar ops/devops/console/build-runner-image.sh
    • OUTPUT_TAR optional; when set, the script saves the image for airgap transport.
  • Runner expectations: NPM_CONFIG_CACHE=~/.npm, PLAYWRIGHT_BROWSERS_PATH=~/.cache/ms-playwright (paths already baked). Register the runner with a label (e.g., console-ci) and point .gitea/workflows/console-ci.yml at that runner pool.
  • CI build helper: ops/devops/console/build-runner-image-ci.sh wraps the build, sets a run-scoped tag, emits metadata JSON, and saves a tarball under ops/devops/artifacts/console-runner/.
  • CI workflow: .gitea/workflows/console-runner-image.yml (manual + path-trigger) builds the runner image and uploads the tarball + metadata as an artifact named console-runner-image-<run_id>.

Seeding Playwright cache (one-time per runner image, host-based option)

ops/devops/console/seed_playwright.sh
# then bake ~/.cache/ms-playwright into the runner image or mount it on the agent

How to run

  • PR-triggered via .gitea/workflows/console-ci.yml; restrict runners to images with baked Playwright cache.
  • Manual workflow_dispatch remains available for dry runs or cache updates.
  • To refresh the runner image, run the console-runner-image workflow or execute ops/devops/console/build-runner-image-ci.sh locally to generate a tarball and metadata for distribution.